Russian space, telecom industries targeted by espionage

By

Scammers don't hide stolen data.

A number of Russian industries are facing the wrath of sophisticated malware designed to siphon sensitive data, FireEye says.

Russian space, telecom industries targeted by espionage

Researchers Alex Lanstein and Ali Islam said employees working at organisations representing the Russian space, information, education and telecommunications industries have been hit by socially engineered emails containing exploits.

The attacks, which are believed to have originated in Korea, used as their lure a legitimate Microsoft word document, which launches once the exploit is "successful," the researchers said.

"One thing that is true in nearly all targeted attacks is that there is an aspect baked in which the cyber criminal gives the victim a decoy document," Lanstein and Islam wrote in a blog.

"As a result, the victim is dissuaded from the calling the computer help desk, thinking he/she got [a] legitimate document. This attack is no different."

What makes the campaign unique is that the purveyors don't seem interested in hiding their stolen data, which includes credentials, as well as information about where victims are located.

The fraudsters set up their command-and-control center to run on a public Korean message board, the researchers said.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

Victoria's first government tech chief steps down

Victoria's first government tech chief steps down

SA Water plans 'once-in-a-generation' core technology uplift

SA Water plans 'once-in-a-generation' core technology uplift

Log In

  |  Forgot your password?